package com.yntsoft.realm;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import com.yntsoft.entity.Permission;
import com.yntsoft.entity.ShiroUser;
import com.yntsoft.entity.User;
import com.yntsoft.service.PermissionService;
import com.yntsoft.service.UserService;

/**
 * 
 * 自定义 realm
 * @author Tony
 *
 */
public class CustomRealm  extends AuthorizingRealm{
	
	@Autowired
	private UserService userService;
	
	@Autowired
	private PermissionService permissionService;

	// 用于授权
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		//将getPrimaryPrincipal方法返回值转为真实身份类型（在上边的doGetAuthenticationInfo认证通过填充到SimpleAuthenticationInfo中身份类型），
		ShiroUser shiroUser =  (ShiroUser) principals.getPrimaryPrincipal();
		
		//根据身份信息获取权限信息
		//从数据库获取到权限数据
		List<Permission> permissionList = null;
		try {
			permissionList = permissionService.queryPermission(shiroUser.getUserId(),Permission.TYPE_PERMISSION);
		} catch (Exception e) {
			e.printStackTrace();
		}
		//2016年12月15日15:47:31  注释
		permissionList.addAll(shiroUser.getMenus());
		List<Permission> menus = permissionService.queryMenu(shiroUser.getUserId(),Permission.TYPE_MENU,null);
		for(int i= 0 ; i < menus.size(); i++){
			permissionList.addAll(menus.get(i).getChildrenPermission());
		}
		List<String> permissions = new ArrayList<String>();
		if(permissionList!=null){
			for(Permission permission:permissionList){
				//将数据库中的权限标签 符放入集合
				permissions.add(permission.getPermissionCode());
			}
		}
		//查到权限数据，返回授权信息(要包括 上边的permissions)
		SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		//将上边查询到授权信息填充到simpleAuthorizationInfo对象中
		simpleAuthorizationInfo.addStringPermissions(permissions);
		/*simpleAuthorizationInfo.addRoles(roles);*/
		return simpleAuthorizationInfo;
	}

	//realm的认证方法，从数据库查询用户信息 用户登录时 用于校验  用户的信息
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
		String userName = (String)authenticationToken.getPrincipal();//获取表单提交过来的用户名
		User user = userService.queryUserByUserName(userName);
		if(user==null){
			return null;
		}
		String pwd = user.getPassword();
		String salt = user.getSalt();
		ShiroUser shiroUser = new ShiroUser();
		if(user != null){
			//List<Permission> list = permissionService.queryByUserId(user.getId(),Permission.TYPE_MENU);
			List<Permission> list = permissionService.queryMenu(user.getId(),Permission.TYPE_MENU,null);
			shiroUser.setMenus(list);
		}
		shiroUser.setUsercode(userName);
		shiroUser.setUsername(user.getRealName());
		shiroUser.setUserId(user.getId());
		SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
				shiroUser, pwd,ByteSource.Util.bytes(salt), this.getName());
		return simpleAuthenticationInfo;
	}

}
